Playing with computers since age 13, time to start documenting all the wonderful things and treasures I have discovered and developed - also a blog to serve as a time-saver by not having to reinvent the wheel.

Search

Friday, January 25, 2019

Three Steps to Unblock Fail2Ban Banned IP address from SSH Jail

I run many internet-facing servers reporting SSH dictionary and DDoS attacks via Fail2Ban to blocklist.de and sometimes end up in a situation where I manage to block myself out from my servers, especially when my residential ISP IP address changes. Here is a recap of what I do to unban a IP from Fail2Ban's SSH jail.

Execute the following three steps to unban (unblock) a IP address banned by Fail2Ban in the SSH jail. Tested on Fail2Ban v0.8.11. These steps do not need arcane fail2ban-client commands and manipulate iptables directly instead.

Step 1

# iptables -n -L --line-numbers | grep <ip address to unban>

Step 2

Note down the line number (rule number) at the beginning of the output of the prior command line.

Step 3

# iptables -D fail2ban-ssh <line number from previous step>

That's it. You can, of course, add the IP to be never banned to jail.local's exclusion list for the ban to not happen again.